summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/auth/auth_util.c36
-rw-r--r--source3/auth/auth_winbind.c3
2 files changed, 30 insertions, 9 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 3dc0fdbe46..c474049617 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -926,21 +926,38 @@ static NTSTATUS fill_sam_account(TALLOC_CTX *mem_ctx,
fstring dom_user;
struct passwd *passwd;
- fstr_sprintf(dom_user, "%s%s%s",
- domain, lp_winbind_separator(), username);
+ fstr_sprintf(dom_user, "%s%s%s", domain, lp_winbind_separator(),
+ username);
passwd = Get_Pwnam(dom_user);
+
+ if ( passwd ) {
+ char *p;
+
+ /* make sure we get the case of the username correct */
+ /* work around 'winbind use default domain = yes' */
+
+ p = strchr( passwd->pw_name, *lp_winbind_separator() );
+ if ( !p )
+ fstr_sprintf(dom_user, "%s%s%s", domain,
+ lp_winbind_separator(), passwd->pw_name);
+ else
+ fstrcpy( dom_user, passwd->pw_name );
+ }
+ else {
+ /* if the lookup for DOMAIN\username failed, try again
+ with just 'username'. This is need for accessing the server
+ as a trust user that actually maps to a local account */
- /* if the lookup for DOMAIN\username failed, try again
- with just 'username'. This is need for accessing the server
- as a trust user that actually maps to a local account */
-
- if ( !passwd ) {
fstrcpy( dom_user, username );
passwd = Get_Pwnam( dom_user );
+
+ /* make sure we get the case of the username correct */
+ if ( passwd )
+ fstrcpy( dom_user, passwd->pw_name );
}
- if (passwd == NULL)
+ if ( !passwd )
return NT_STATUS_NO_SUCH_USER;
*uid = passwd->pw_uid;
@@ -953,6 +970,9 @@ static NTSTATUS fill_sam_account(TALLOC_CTX *mem_ctx,
--jerry */
*found_username = talloc_strdup(mem_ctx, dom_user);
+
+ DEBUG(5,("fill_sam_account: located username was [%s]\n",
+ *found_username));
return pdb_init_sam_pw(sam_account, passwd);
}
diff --git a/source3/auth/auth_winbind.c b/source3/auth/auth_winbind.c
index d09987ba37..0e2820313e 100644
--- a/source3/auth/auth_winbind.c
+++ b/source3/auth/auth_winbind.c
@@ -76,7 +76,8 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context,
}
if (strequal(user_info->domain.str, get_global_sam_name())) {
- DEBUG(3,("check_winbind_security: Not using winbind, requested domain was for this SAM.\n"));
+ DEBUG(3,("check_winbind_security: Not using winbind, requested domain [%s] was for this SAM.\n",
+ user_info->domain.str));
return NT_STATUS_NOT_IMPLEMENTED;
}